$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa File: 4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa (raw, json) Hash identifier: o+pOkcwKHxGSvQaifGq0xJXpDTkUQq605CBpkxt+glg= Subject key identifier: A5:39:59:CC:0A:9F:96:46:04:2F:12:F1:5E:0F:21:5A:AA:D9:D1:69 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 3E70CF13EA0D5D365FED271D564A7D4B8D211574 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa Signing time: Tue 25 Mar 2025 16:50:02 +0000 ROA not before: Tue 25 Mar 2025 16:50:02 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2403:b300:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 00:02:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:70:cf:13:ea:0d:5d:36:5f:ed:27:1d:56:4a:7d:4b:8d:21:15:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Mar 25 16:50:02 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=5de96dee938cb18405fb399650f14613b238be8270d323920445a8d89f37a36b, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:38:2f:af:71:94:a6:c3:b4:c5:84:db:c3:f3: 5e:98:7f:45:44:c1:ce:36:07:ac:69:dd:05:71:9c: bc:d2:b2:74:12:22:f6:62:32:d7:e9:12:66:c8:37: ed:ec:0f:91:94:c3:e9:8b:8b:e0:ea:7e:aa:75:64: 29:40:2c:34:be:20:31:94:d3:25:dd:c3:e8:07:92: 08:63:d1:0f:15:29:84:cb:47:01:a5:e9:86:42:d8: 90:8d:35:d1:92:61:82:8f:28:de:26:7a:c7:ae:ef: e3:6d:4d:12:7e:64:10:e8:b3:1e:f7:6d:3f:70:05: 7b:6f:12:10:ca:dd:e1:db:52:cf:63:3d:91:c3:5c: 64:10:36:c7:90:c4:a0:81:5b:43:a2:fa:61:c7:ce: 04:4e:b9:31:80:5f:9e:39:9e:6e:bc:4c:5e:b7:07: 2e:21:ff:ee:ff:89:c8:f8:83:1f:a9:0d:bb:99:2a: 29:94:84:b7:83:ec:87:b6:26:0d:93:04:b0:11:a4: 12:0c:74:12:39:a3:8f:ca:e3:60:d4:a7:51:d2:a3: f9:ba:dc:0a:fa:2a:42:8d:3b:55:9f:27:fc:e0:08: 76:8d:75:4f:f0:37:0b:93:76:0e:be:8f:06:c8:b5: 40:ce:58:30:41:87:f5:2b:36:65:7c:b9:27:75:3d: 8a:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:39:59:CC:0A:9F:96:46:04:2F:12:F1:5E:0F:21:5A:AA:D9:D1:69 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1000::/48 Signature Algorithm: sha256WithRSAEncryption 21:04:57:41:1a:dd:26:49:4e:08:17:33:c9:28:02:7e:a2:94: bd:32:36:f0:9d:0e:fa:1c:1c:7d:cc:8d:bd:42:05:10:20:3b: 75:2d:3c:72:eb:09:e3:3c:58:c8:1f:f5:6a:7c:05:fa:e4:0e: b2:62:97:2f:e5:a2:89:0f:1d:43:21:84:cd:93:5a:29:4f:27: 22:ec:eb:83:1f:ce:e0:7d:e5:d2:39:3c:2e:32:9c:57:97:a7: d4:ec:60:e9:1b:76:f9:97:e8:60:42:23:33:35:bf:1a:b1:96: cb:3b:f3:0b:48:41:f4:2e:b7:85:e0:78:fa:54:0a:a0:96:25: 34:0c:17:20:5d:0e:34:6d:fd:29:67:89:b5:b1:ca:b2:0d:e5: 10:b8:8b:49:9d:a9:51:91:f2:1c:c0:46:66:c5:8f:5e:80:8d: 10:3b:a8:b5:94:82:c7:13:c7:f6:94:90:cd:e0:78:39:ff:79: 33:e7:04:2b:65:f7:69:60:57:7f:83:91:e8:44:71:eb:ac:60: dc:f9:ef:74:62:84:34:83:90:7f:9e:4e:e3:4b:4c:df:2c:7f: 3d:b7:2b:d0:bc:e6:a2:1b:b4:85:25:a0:e5:0e:cc:40:f4:e1: e2:46:20:08:ca:ff:92:68:38:00:ad:a2:61:86:c4:99:e6:ae: 79:b5:8d:7b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPnDPE+oNXTZf7ScdVkp9S40hFXQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDMyNTE2NTAwMloX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANWRlOTZkZWU5MzhjYjE4NDA1ZmIz OTk2NTBmMTQ2MTNiMjM4YmU4MjcwZDMyMzkyMDQ0NWE4ZDg5ZjM3YTM2YjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zgvr3GUpsO0xYTbw/NemH9FRMHO Ngesad0FcZy80rJ0EiL2YjLX6RJmyDft7A+RlMPpi4vg6n6qdWQpQCw0viAxlNMl 3cPoB5IIY9EPFSmEy0cBpemGQtiQjTXRkmGCjyjeJnrHru/jbU0SfmQQ6LMe920/ cAV7bxIQyt3h21LPYz2Rw1xkEDbHkMSggVtDovphx84ETrkxgF+eOZ5uvExetwcu If/u/4nI+IMfqQ27mSoplIS3g+yHtiYNkwSwEaQSDHQSOaOPyuNg1KdR0qP5utwK +ipCjTtVnyf84Ah2jXVP8DcLk3YOvo8GyLVAzlgwQYf1KzZlfLkndT2KuwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKU5WcwKn5ZGBC8S8V4PIVqq2dFpMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzRiYmQxYmRmLTg2NmUtNGIyNS05YWM2LWU5MjlhMDUwODBiOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABAAMA0GCSqGSIb3DQEBCwUAA4IBAQAhBFdBGt0mSU4IFzPJ KAJ+opS9MjbwnQ76HBx9zI29QgUQIDt1LTxy6wnjPFjIH/VqfAX65A6yYpcv5aKJ Dx1DIYTNk1opTyci7OuDH87gfeXSOTwuMpxXl6fU7GDpG3b5l+hgQiMzNb8asZbL O/MLSEH0LreF4Hj6VAqgliU0DBcgXQ40bf0pZ4m1scqyDeUQuItJnalRkfIcwEZm xY9egI0QO6i1lILHE8f2lJDN4Hg5/3kz5wQrZfdpYFd/g5HoRHHrrGDc+e90YoQ0 g5B/nk7jS0zfLH89tyvQvOaiG7SFJaDlDsxA9OHiRiAIyv+SaDgAraJhhsSZ5q55 tY17 -----END CERTIFICATE-----Generated at Thu Apr 17 08:01:20 2025 by rpki-client